Didn’t get your verification email? Check your junk folder or
Didn’t get your verification email? Check your junk folder or
Deconflict, Inc. (“Deconflict,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information of those who interact with our Services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access our crypto wallet intelligence platform and related services (collectively, the “Services”).
This Privacy Policy applies to law enforcement agencies, financial institutions, cryptocurrency exchanges, fintech companies, and other verified users (“you” or “users”) who register for and use our Services.
By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.
This Privacy Policy applies to personal information we collect through:
Our website at deconflict.com
Our web-based application and dashboard
Our API services
Email and other communications with us
Registration and account management processes
This Privacy Policy does not apply to:
Information processed on behalf of our customers: When law enforcement agencies or other customers submit crypto wallet data to our platform, we act as a service provider processing that data according to our Terms of Service and contracts with those customers, not under this Privacy Policy.
Third-party websites or services: Our Services may contain links to third-party websites or services that have their own privacy policies. We are not responsible for the privacy practices of these third parties.
Employee or job applicant data: Information about Deconflict employees and job applicants is covered under separate internal policies.
User Personal Information (covered by this Privacy Policy): Information about you as a registered user of our platform, including your name, email address, organization, and account credentials.
Submitted Wallet Intelligence (not covered by this Privacy Policy): Crypto wallet addresses, risk indicators, and related intelligence submitted by law enforcement agencies and other verified users. This data is processed under our Terms of Service and customer contracts, and does not contain personally identifiable information about suspects, victims, or investigation subjects.
The information we collect depends on how you interact with our Services and the requirements of applicable law. We collect only the information necessary to provide, secure, and improve our Services.
When you create an account, we collect:
Full legal name
Official email address (typically a government, institutional, or corporate domain email)
Organization or agency name
Job title or role
Username and password (passwords are salted and hashed using bcrypt)
Phone number (optional, for multi-factor authentication)
Payment information (if applicable)
For law enforcement and certain institutional users, we may collect:
Agency or institutional affiliation documentation
Professional credentials or verification codes
Official correspondence to confirm identity and authorization
Government-issued badge numbers or employee identification numbers (for law enforcement verification purposes only)
We do not collect:
Social Security numbers or national identification numbers
Biometric information such as fingerprints or facial recognition data
Criminal Justice Information Services (CJIS) data, criminal histories, or law enforcement case files
Police report numbers, victim or suspect information
When you contact us for support, feedback, or inquiries, we may collect:
Email address
Phone number
Content of your messages and correspondence
Any information you choose to provide in your communications
When you submit crypto wallet intelligence to our platform, we collect:
Crypto wallet addresses (public blockchain identifiers)
Risk indicators, flags, or classifications you assign
Timestamps and metadata about submissions
Your agency or organization identifier and submitter email address
Optional contextual notes (we instruct users not to include PII, case numbers, or investigative details)
This wallet data is not personal information and is used to enhance our intelligence platform and services.
When you access our Services, we automatically collect:
IP address and approximate geographic location (derived from IP)
Browser type and version
Operating system and device type
Access timestamps and session duration
Referring URLs and pages visited within our Services
API request logs (for API users)
To protect our Services and users, we collect:
Login attempt records and authentication logs
Unusual access patterns or anomalies
Rate limiting and abuse detection metrics
We do not use:
Cookies for tracking or analytics
Third-party analytics services (e.g., Google Analytics)
Social media pixels or advertising trackers
We do use:
Session tokens for authentication (temporary, deleted on logout)
Server logs for security monitoring and troubleshooting
Technical cookies strictly necessary for platform functionality (e.g., maintaining your login session)
If we decide to implement analytics or additional tracking technologies in the future, we will update this Privacy Policy and provide appropriate notice and choice mechanisms.
We may receive limited information from third parties, including:
Email domain verification services to confirm institutional affiliations
Public records or professional databases to verify law enforcement or institutional credentials
Payment processors (if applicable) for billing and transaction processing
We do not purchase personal information from data brokers or marketing lists.
We use your personal information for the following legitimate business purposes:
Create and manage your user account
Authenticate your identity and authorize access to appropriate features
Enable you to submit and access crypto wallet intelligence
Provide API access to verified customers
Process and respond to your support requests
Facilitate deconfliction and investigative coordination among verified users
Enhance our intelligence platform through analysis of submitted wallet data and user interaction patterns
Develop advanced analytical capabilities for crypto wallet risk assessment
Analyze usage patterns to enhance platform features and user experience
Develop new intelligence products and API capabilities
Conduct internal research and development
Note: We improve our platform using aggregated wallet data submitted by users, not your personal account information. The intelligence derived from submitted wallet addresses helps us build better risk detection capabilities for all users.
Detect and prevent unauthorized access, account takeovers, and security threats
Monitor for platform abuse, data scraping, or malicious activity
Investigate and respond to potential violations of our Terms of Service
Maintain audit logs for security and compliance purposes
Respond to lawful requests from law enforcement or regulatory authorities
Comply with applicable laws, regulations, and legal processes
Enforce our Terms of Service and other agreements
Protect our rights, property, and safety, and those of our users and the public
Send account-related notifications (e.g., password resets, security alerts)
Provide technical support and respond to inquiries
Notify you of material changes to our Services, Terms of Service, or Privacy Policy
We do not use your personal information for:
Marketing, advertising, or promotional communications (unless you explicitly opt in)
Selling or renting your personal information to third parties
Behavioral profiling or targeted advertising
We share your personal information only in the limited circumstances described below. We do not sell, rent, or trade your personal information.
We engage trusted third-party service providers to perform functions on our behalf, including:
Cloud infrastructure and hosting: Amazon Web Services (AWS) for secure, U.S.-based data storage and computing
Email communications: Transactional email service providers for account notifications and support
Security services: Providers of authentication, encryption, and threat detection tools
These service providers are contractually obligated to:
Use your information only to provide services to us
Implement appropriate security measures
Comply with applicable data protection laws
Not disclose or use your information for their own purposes
We provide aggregated, anonymized crypto wallet intelligence to verified customers (financial institutions, cryptocurrency exchanges, fintech companies) via our API. This intelligence includes:
Wallet risk types and classifications
Flagged wallet categories (e.g., sanctioned entities, fraud indicators)
Statistical patterns and trends
Advanced risk assessments and analytics
What we share via API:
Crypto wallet addresses and associated risk metadata
Aggregated intelligence derived from multiple sources
Transaction pattern analysis and fund flow visualization in some cases
What we do NOT share via API:
Your personal account information (name, email, credentials) except as specified in Section 4.3 for active deconfliction
Investigation-specific details, case numbers, or contextual notes
Any personally identifiable information about suspects, victims, or investigation subjects
Information that could identify which specific user or agency submitted particular wallet data outside of active deconfliction scenarios
Contractual and Technical Safeguards:
API customers are contractually prohibited from attempting to re-identify data sources or users
Rate limiting and access controls prevent bulk data extraction
Regular audits and monitoring ensure compliance with data use restrictions
Anonymization techniques prevent traceability to individual agencies or users except where deconfliction is active
When multiple users flag the same crypto wallet address, we facilitate deconfliction and case coordination by sharing limited user information for legitimate investigative and compliance purposes.
Information Shared During Active Deconfliction:
Agency or organization name of the submitter
Email address of the submitter
This information is shared via both our SaaS dashboard and API to facilitate coordination among:
Verified law enforcement agencies investigating the same wallet
Financial institution compliance teams working related cases
Other verified users with a legitimate need for coordination
Privacy Protections:
Information is shared only when there is an active deconfliction (i.e., multiple parties have flagged the same wallet address)
Personal names of individual officers or agents are not disclosed unless the user chooses to include them in their agency profile
No case details, investigative context, or sensitive law enforcement information is shared
Badge numbers and employee identification numbers are never shared and are used solely for internal verification purposes
Users control what contact information is visible in their profile settings
We may disclose your personal information if required or permitted by law, including to:
Comply with a subpoena, court order, or other legal process
Respond to lawful requests from government authorities, regulatory agencies, or law enforcement
Enforce our Terms of Service or other agreements
Detect, prevent, or investigate fraud, security incidents, or illegal activity
Protect the rights, property, or safety of Deconflict, our users, or the public
In such cases, we will attempt to notify you unless prohibited by law or if doing so would compromise an investigation.
If Deconflict is involved in a merger, acquisition, asset sale, bankruptcy, or other business transaction, your personal information may be transferred or disclosed as part of that transaction. In such cases:
We will notify you via email
The acquiring entity will be bound by this Privacy Policy or will provide you with notice and choice regarding any changes
We may share your personal information with third parties when you explicitly authorize us to do so.
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you, including:
Statistical reports on platform usage and trends
Anonymized wallet intelligence for research and development
Industry insights and threat intelligence briefings
Once information is de-identified, we may use and disclose it without restriction, provided we do not attempt to re-identify such information.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal information based on the following legal grounds:
Processing is necessary to perform our contract with you (our Terms of Service) and provide the Services you requested.
We process your information based on our legitimate business interests, including:
Securing and improving our Services
Preventing fraud and abuse
Conducting research and development
Facilitating law enforcement deconfliction and public safety
We balance our legitimate interests against your privacy rights.
We process your information to comply with applicable laws, regulations, and legal processes.
In some cases, we process your information based on your explicit consent. When we rely on consent, you have the right to withdraw it at any time by contacting us at contact@deconflict.com.
We implement industry-standard administrative, technical, and physical safeguards to protect your personal information. Deconflict is committed to maintaining the highest standards of data protection and security.
GDPR Compliance: We are fully compliant with the General Data Protection Regulation (GDPR) for the protection of personal data of individuals in the European Economic Area, United Kingdom, and Switzerland.
SOC 2 Type II Certified: We maintain SOC 2 Type II certification, demonstrating our commitment to maintaining high standards for security, availability, processing integrity, confidentiality, and privacy of customer data.
Encryption: All data is encrypted in transit using TLS 1.3 (256-bit encryption) and at rest using AES-256 encryption
Secure infrastructure: Data is hosted on Amazon Web Services (AWS) U.S.-based servers with enterprise-grade security controls
Password protection: User passwords are salted and hashed using bcrypt
Multi-factor authentication (MFA): Optional MFA for enhanced account security
Intrusion detection: Automated monitoring for unusual access patterns and security threats
Regular security assessments: Periodic vulnerability scans and penetration testing
Role-based access controls: Deconflict personnel access personal information only on a need-to-know basis
Employee training: Regular security awareness and privacy training for all employees
Confidentiality agreements: All personnel are bound by confidentiality obligations
Vendor management: Third-party service providers undergo security assessments and are contractually required to protect your information
Secure data centers: AWS facilities employ physical security measures including access controls, surveillance, and environmental protections
Controlled access: Deconflict offices restrict physical access to systems containing personal information
In the event of a data breach affecting your personal information, we will:
Investigate and contain the incident promptly
Notify affected users within 72 hours where legally required
Report the breach to applicable regulatory authorities as required by law
Provide information about the breach and steps you can take to protect yourself
While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security of your information.
You are responsible for:
Maintaining the confidentiality of your account credentials
Using strong unique passwords
Enabling multi-factor authentication
Promptly notifying us of any unauthorized access to your account
If you become aware of any security vulnerability or unauthorized access, please contact us immediately at contact@deconflict.com.
We retain your personal information only as long as necessary to fulfill the purposes described in this Privacy Policy.
Active accounts: We retain your registration information while your account is active and you continue to use our Services
Inactive accounts: If your account remains inactive for 24 consecutive months, we may send you a notice and subsequently delete your account and associated personal information
Account deletion: If you request deletion of your account, we will delete your personal information within 30 days, unless we are required to retain it for legal, compliance, or security purposes
Access logs: IP addresses, login timestamps, and technical logs are retained for 12 months for security monitoring and troubleshooting
Security incident data: Information related to security incidents or abuse investigations may be retained longer as necessary
Correspondence and support tickets are retained for 24 months to provide continuity of service and address follow-up inquiries.
Crypto wallet data submitted to our platform is retained indefinitely to support ongoing intelligence operations and API services. This data does not contain personal information and is not subject to the retention limits above. Once wallet data is aggregated and anonymized, it may be retained permanently.
If we are subject to a legal obligation, litigation, regulatory investigation, or other legal process, we may retain your information beyond the standard retention periods until the matter is resolved.
You may request deletion of your personal information at any time. We will honor such requests unless we have a legal obligation or legitimate business reason to retain the information.
All personal information collected through our Services is stored and processed in the United States on secure Amazon Web Services (AWS) infrastructure located in U.S. data centers.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your personal information will be transferred to and processed in the United States. The United States may not provide the same level of data protection as required under EEA, UK, or Swiss law.
To ensure adequate protection of your personal information during international transfers, we rely on the following legal mechanisms:
We use Standard Contractual Clauses (SCCs) approved by the European Commission, UK International Data Transfer Agreement/Addendum, or Swiss-approved transfer mechanisms, as applicable. These are standardized contractual terms that provide appropriate safeguards for the transfer of personal information and ensure that your information receives an adequate level of protection.
In addition to Standard Contractual Clauses, we implement supplementary technical and organizational measures to protect your personal information, including:
Encryption in transit and at rest (256-bit AES encryption)
Role-based access controls limiting who can access personal information
Regular security audits and assessments
Contractual obligations binding our service providers to protect your information
Data minimization practices to collect only necessary information
SOC 2 Type II certification demonstrating our commitment to security and privacy controls
If you are located in the EEA, UK, or Switzerland, you have the right to:
Obtain information about the safeguards we use for international transfers
In certain circumstances, object to the transfer of your personal information
To exercise these rights or for more information about our data transfer practices, please contact us at contact@deconflict.com.
For users in other jurisdictions outside the EEA, UK, and Switzerland, we process your personal information in accordance with applicable local laws and implement appropriate safeguards as required.
Depending on your location and applicable law, you may have certain rights regarding your personal information.
Access: Request access to the personal information we hold about you
Correction: Request correction of inaccurate or incomplete personal information
Deletion: Request deletion of your personal information, subject to certain exceptions
Objection and Restriction: Object to or request restriction of certain processing
Data Portability: Receive a copy of your personal information in a structured, machine-readable format
Withdrawal of Consent: Withdraw consent at any time (does not affect lawfulness of prior processing)
Lodge a Complaint: Lodge a complaint with a supervisory authority
Right to Know: Request disclosure of personal information collected, sources, purposes, and third parties with whom we share it
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out: We do not sell personal information, but if we ever do, you have the right to opt out
Right to Limit Sensitive Personal Information: We do not collect sensitive personal information as defined by the CCPA
Right to Non-Discrimination: We will not discriminate against you for exercising privacy rights
Authorized Agents: You may designate an authorized agent to submit requests on your behalf
If you are a resident of Virginia, Colorado, Connecticut, Utah, or other states with comprehensive privacy laws, you may have similar rights to those described above.
To exercise any privacy rights, please contact us at:
Email: contact@deconflict.com
Subject Line: Privacy Rights Request
Mail: Deconflict, Inc., 8 The Green STE A, Dover, DE 19901, United States
Please include:
Your full name
Email address associated with your account
Description of the specific right(s) you wish to exercise
To protect your privacy and security, we will verify your identity before fulfilling your request. We will respond to verified requests within the timeframes required by applicable law, typically within 30-45 days.
If we deny your privacy request, you have the right to appeal. Contact us at contact@deconflict.com with “Privacy Rights Appeal” in the subject line.
Our Services do not respond to Do Not Track (DNT) signals as there is no industry consensus on how to respond to them.
If we detect a Global Privacy Control (GPC) signal from your browser, we will treat it as a request to opt out of the sale or sharing of your personal information, to the extent required by law. Learn more at https://globalprivacycontrol.org/.
Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children under 13 years of age.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at contact@deconflict.com.
If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as soon as possible.
We may update this Privacy Policy from time to time. When we make material changes:
We will update the “Last Updated” date at the top of this Privacy Policy
We will post the updated Privacy Policy on our website
We will notify you via email for material changes
We will provide prominent notice on our website for significant changes
Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you must stop using our Services and may request deletion of your account.
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Deconflict, Inc.
8 The Green STE A
Dover, DE 19901
United States
Email: contact@deconflict.com
Subject Line: Privacy Inquiry
For Data Privacy Framework inquiries (EEA, UK, Swiss users):
Email: contact@deconflict.com
Subject Line: Data Privacy Framework Inquiry
For Privacy Rights Requests:
Email: contact@deconflict.com
Subject Line: Privacy Rights Request
We will respond to your inquiry within 30 days.
This section provides additional disclosures required by the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and similar state privacy laws.
Identifiers
Examples: Name, email, username, organization, IP address
Sources: Directly from you; automatically
Business Purposes: Account management, authentication, security, deconfliction
Third Parties: Service providers (AWS, email); verified users during active deconfliction
Professional Information
Examples: Job title, agency affiliation, credentials, badge numbers
Sources: Directly from you; verification sources
Business Purposes: Identity verification, access control
Third Parties: Service providers
Internet Activity
Examples: IP, browser, access logs, API usage
Sources: Automatically
Business Purposes: Security, platform improvement
Third Parties: Service providers (AWS, security tools)
Commercial Information
Examples: Account status, subscription info
Sources: Directly from you; internal
Business Purposes: Service provision, billing
Third Parties: Service providers
We collect government-issued badge numbers or employee identification numbers solely for law enforcement verification purposes. This information is never shared with third parties and is used only for internal identity verification. We do not collect other categories of sensitive personal information as defined by the CCPA/CPRA (Social Security numbers, financial account credentials, precise geolocation, biometric information, health information, or information about sex life or sexual orientation).
We do not “sell” or “share” personal information as defined by the CCPA/CPRA. We have not sold or shared personal information in the preceding 12 months, and we do not have actual knowledge of any sale or sharing of personal information of minors under 16 years of age.
We retain personal information for the periods described in Section 7 of this Privacy Policy.
We use analytical tools to generate crypto wallet risk scores based on submitted wallet data. These processes do not produce legal or similarly significant effects concerning you as a registered user.
If we ever engage in the sale or sharing of personal information, we will provide a clear link titled “Do Not Sell or Share My Personal Information” on our website.
We do not offer financial incentive programs that involve the collection, retention, or sale of personal information.
By using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
Last Updated: May 1, 2025
© 2025 Deconflict Inc. An Intelligence Company. All rights reserved.